{"id":25814,"date":"2016-05-24T09:00:30","date_gmt":"2016-05-24T16:00:30","guid":{"rendered":"https:\/\/blog.xamarin.com\/?p=25814"},"modified":"2016-05-24T09:00:30","modified_gmt":"2016-05-24T16:00:30","slug":"authenticate-mobile-apps-using-microsoft-authentication-library","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/xamarin\/authenticate-mobile-apps-using-microsoft-authentication-library\/","title":{"rendered":"Authenticate Your Mobile Apps Using Microsoft Authentication Library"},"content":{"rendered":"

\t\t\t\tEnterprise applications often need to hook into existing infrastructure in mobile apps and many depend on Active Directory for authentication. Microsoft Azure Active Directory, which is a cloud based active directory, provides identity for such mobile apps. In a previous blog post<\/a>, we used Active Directory Authentication Library (ADAL) to authenticate mobile apps with AD. <\/p>\n

Microsoft recently released a successor<\/a> to this library named Microsoft Authentication Library (MSAL), which simplifies the registration of mobile apps with AD as well as streamlining authentication by handling Microsoft accounts, Azure AD accounts, and Azure AD B2C users with a single programming model. In this blog post, let’s dive into using MSAL for authenticating a Xamarin.Forms app with AD.<\/p>\n

Step 1: Register Your Mobile App<\/h2>\n

The first thing necessary to secure a mobile app with AD is to register it to use AD as an Identity Provider. To register, visit: https:\/\/apps.dev.microsoft.com<\/a>. There, you’ll see current applications using AD, as well as the ability to register new applications.<\/p>\n

\"MSAL-01-App-Listing\"<\/p>\n

On this page, click on the ‘Add an app’ button to register a new application.<\/p>\n

\"MSAL-02-Add-App\"<\/p>\n

Enter a name and click the ‘Create application’ button. This will take you to the next page.<\/p>\n

On this page, make a note of the Application Id and click on ‘Add Platform’ button and select ‘Mobile application’ as a platform. You can then add a company or app logo or other details before saving the application.<\/p>\n

Step 2: Set Up the\u00a0Application<\/h2>\n

MSAL is supported in Xamarin applications. Create a new Xamarin.Forms application and add the MSAL NuGet package<\/a>. If you’re using Visual Studio to create a Xamarin.Forms applications, a Windows Phone 8.1 project is added automatically, which is not supported by MSAL. This tutorial focuses on using Xamarin.Forms to create iOS, Android, and UWP apps. To correct this, we need to retarget the PCL by editing the .csproj file of the PCL and change the TargetFrameworkProfile<\/code> to Profile7<\/strong><\/span>:<\/p>\n

\nProfile7\n<\/pre>\n
Note:<\/em> MSAL, as used in this blog post, is still in preview. The code and\/or APIs may change by the time the MSAL NuGet is promoted from prerelease.<\/p>\n
Step 3: Create a Login Page<\/h2>\n
Add a Login Page in the PCL project. We’ll be using a PageRenderer<\/a> to create a platform-specific login user interface.<\/p>\n
To get started, declare a few static variables in App.cs (or App.xaml.cs if you’re using a XAML Application<\/code> class) and initialize them for our application to use:<\/p>\n
\npublic static PublicClientApplication ClientApplication { get; set; }\npublic static string[] Scopes = { \"User.Read\" };\npublic App()\n{\n   ClientApplication = new PublicClientApplication(\"your-app-id\");\n   var content = new Login();\n   MainPage = new NavigationPage(content);\n}\n<\/pre>\n
Add a label (WelcomeText<\/code>) and a button (LoginButton<\/code>) to the Login Page. Create an IPlatformParameters<\/code> object to hold platform specific parameters and add an event handler for LoginButton<\/code>. The codebehind for the Login Page should look something like this:<\/p>\n
\npublic IPlatformParameters PlatformParameters { get; set; }\npublic Login()\n{\n   InitializeComponent();\n   LoginButton.Clicked += LoginButton_Clicked;\n}\nprotected override void OnAppearing()\n{\n   App.ClientApplication.PlatformParameters = PlatformParameters;\n   base.OnAppearing();\n}\nprivate async void LoginButton_Clicked(object sender, EventArgs e)\n{\n   try\n   {\n      AuthenticationResult ar = await App.ClientApplication.AcquireTokenAsync(App.Scopes);\n      WelcomeText.Text = $\"Welcome {ar.User.Name}\";\n   }\n   catch (MsalException ex)\n   {\n      WelcomeText.Text = ex.Message;\n   }\n}<\/pre>\n
The AuthenticationResult<\/code> object contains the AccessToken<\/code>, which can later be used for calling any API secured by AD. Next, add a LoginPageRenderer<\/code> to the Android and iOS projects to help the library properly authenticate users.<\/p>\n
\n[assembly: ExportRenderer(typeof(Login), typeof(LoginPageRenderer))]\nnamespace MSALForForms.Droid\n{\n   public class LoginPageRenderer : PageRenderer\n   {\n      private Login _page;\n      protected override void OnElementChanged(ElementChangedEventArgs<Page> e)\n      {\n         base.OnElementChanged(e);\n         _page = e.NewElement as Login;\n         var activity = this.Context as Activity;\n         _page.PlatformParameters = new PlatformParameters(activity);\n      }\n    }\n}\n<\/pre>\n
\/\/Login Page Renderer for iOS\n[assembly: ExportRenderer(typeof(Login), typeof(LoginPageRenderer))]\nnamespace MSALForForms.iOS\n{\n   class LoginPageRenderer : PageRenderer\n   {\n      Login _page;\n      protected override void OnElementChanged(VisualElementChangedEventArgs e)\n      {\n          base.OnElementChanged(e);\n          _page = e.NewElement as Login;\n      }\n      public override void ViewDidLoad()\n      {\n          base.ViewDidLoad();\n          _page.PlatformParameters = new PlatformParameters(this);\n      }\n   }\n}<\/pre>\n
At this stage,\u00a0run the app on a device or simulator to see the results.<\/p>\n
\"MSAL-Screens\"<\/p>\n
Wrapping Up<\/h2>\n
Now that your application user is authenticated with MSAL, you can build apps that consume the Microsoft Graph API, Office 365 APIs, or even ASP.NET WebAPIs—any endpoint that is secured by AD can now be easily accessed without prompting the user to re-authenticate. For more information on MSAL, read the Build 2016 announcement for MSAL<\/a> from the Microsoft Identity team, or download the sample used in this blog post<\/a> to kickstart your next app using AD for user authentication.\t\t<\/p>\n","protected":false},"excerpt":{"rendered":"
Enterprise applications often need to hook into existing infrastructure in mobile apps and many depend on Active Directory for authentication. Microsoft Azure Active Directory, which is a cloud based active directory, provides identity for such mobile apps. In a previous blog post, we used Active Directory Authentication Library (ADAL) to authenticate mobile apps with AD. […]<\/p>\n","protected":false},"author":549,"featured_media":39167,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2],"tags":[4,16],"class_list":["post-25814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-developers","tag-xamarin-platform","tag-xamarin-forms"],"acf":[],"blog_post_summary":"
Enterprise applications often need to hook into existing infrastructure in mobile apps and many depend on Active Directory for authentication. Microsoft Azure Active Directory, which is a cloud based active directory, provides identity for such mobile apps. In a previous blog post, we used Active Directory Authentication Library (ADAL) to authenticate mobile apps with AD. […]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/posts\/25814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/users\/549"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/comments?post=25814"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/posts\/25814\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/media\/39167"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/media?parent=25814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/categories?post=25814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/tags?post=25814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}